{{Quickfixn}} Server-side certificates BUT no client-side certificates (from github #567)
Roberto Reff
roberto.reff at poligram.de
Wed Dec 18 08:43:23 PST 2019
Hello Grant.
We have used SSL stuff connection to bloomberg.
With those it is so that they issue a certificate, their public key is held at the client and the connection can be established.
The client itself does not yet have a certificate, so the host (acceptor) does not know it.
This setting works wonderfully.
To answer the question. yes, that works. For the explicit settings you have to specify which settings the Acceptor has made. Usually this is only possible with Trial end Error. Possibly somebody uses the same and can report from his experiences.
Regards
Roberto
________________________________
Von: Quickfixn <quickfixn-bounces at lists.quickfixn.com> im Auftrag von Grant Birchmeier <gbirchmeier at connamara.com>
Gesendet: Mittwoch, 18. Dezember 2019 17:30
An: Mailing list for QuickFIX/n <quickfixn at lists.quickfixn.com>
Betreff: {{Quickfixn}} Server-side certificates BUT no client-side certificates (from github #567)
Hi all,
If any of you are knowledgeable with SSL cert stuff, could you take a look at the below question that was submitted via github? It's just not an area I'm well-versed in.
Thanks
-Grant
---------- Forwarded message ---------
From: aerlian <notifications at github.com<mailto:notifications at github.com>>
Date: Wed, Dec 18, 2019 at 7:58 AM
Subject: [connamara/quickfixn] Server-side certificates BUT no client-side certificates (#567)
To: connamara/quickfixn <quickfixn at noreply.github.com<mailto:quickfixn at noreply.github.com>>
Cc: Subscribed <subscribed at noreply.github.com<mailto:subscribed at noreply.github.com>>
I don't seem to be able to get the following configuration to work:
1. Server certificate is configured
2. Client certificate is NOT configured
This would lead to a secure channel where the client identity is realized only from SenderCompID value sent in the request from client to server.
I see that QuickFix/J (https://www.quickfixj.org/usermanual/2.0.0/usage/configuration.html) has a setting that I believe I am looking for but cannot find in QuickFix/N:
NeedClientAuth=[Y|N]
Please can someone advise whether this configuration is possible in QuickFix/N and if so how should the config be made?
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub<https://github.com/connamara/quickfixn/issues/567?email_source=notifications&email_token=AABZ52AFQMPI2NPYK5YSMITQZIUANA5CNFSM4J4LNA42YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4IBLEKTQ>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AABZ52BD4OTOLNQGZBJDAJ3QZIUANANCNFSM4J4LNA4Q>.
--
Grant Birchmeier
Connamara Systems, LLC
Made-To-Measure Trading Solutions.
Exactly what you need. No more. No less.
http://connamara.com
________________________________
Poligram GmbH
Rilkeweg 4
59519 Möhnesee
Geschäftsführung: Roberto Reff
Registergericht: Amtsgericht Arnsberg
Registernummer: HRB10900
USt.ID: DE251226082
http://www.poligram.de
This message contains confidential information and is intended only for the individual(s) addressed in the message. If you are not the named addressee, you should not disseminate, distribute, or copy this e-mail. If you are not the intended recipient, you are notified that disclosing, distributing, or copying this e-mail is strictly prohibited.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.quickfixn.com/pipermail/quickfixn-quickfixn.com/attachments/20191218/0993bdd7/attachment.htm>
More information about the Quickfixn
mailing list